Vulnerabilities > Fedoraproject > Fedora > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-11-01 CVE-2022-42322 Memory Leak vulnerability in multiple products
Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by Dom0.
local
low complexity
xen debian fedoraproject CWE-401
5.5
5.5
2022-11-01 CVE-2022-42323 Memory Leak vulnerability in multiple products
Xenstore: Cooperating guests can create arbitrary numbers of nodes T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by Dom0.
local
low complexity
xen debian fedoraproject CWE-401
5.5
5.5
2022-11-01 CVE-2022-42324 Incorrect Conversion between Numeric Types vulnerability in multiple products
Oxenstored 32->31 bit integer truncation issues Integers in Ocaml are 63 or 31 bits of signed precision.
local
low complexity
xen debian fedoraproject CWE-681
5.5
5.5
2022-11-01 CVE-2022-42325 Memory Leak vulnerability in multiple products
Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction and it is later deleted in the same transaction, the transaction will be terminated with an error.
local
low complexity
xen debian fedoraproject CWE-401
5.5
5.5
2022-11-01 CVE-2022-42326 Memory Leak vulnerability in multiple products
Xenstore: Guests can create arbitrary number of nodes via transactions T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction and it is later deleted in the same transaction, the transaction will be terminated with an error.
local
low complexity
xen debian fedoraproject CWE-401
5.5
5.5
2022-10-30 CVE-2022-44020 Improper Preservation of Permissions vulnerability in multiple products
An issue was discovered in OpenStack Sushy-Tools through 0.21.0 and VirtualBMC through 2.2.2.
local
low complexity
opendev fedoraproject CWE-281
5.5
5.5
2022-10-19 CVE-2022-39253 Link Following vulnerability in multiple products
Git is an open source, scalable, distributed revision control system.
local
low complexity
git-scm fedoraproject apple debian CWE-59
5.5
5.5
2022-10-18 CVE-2022-21618 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS).
network
low complexity
oracle fedoraproject netapp azul
5.3
5.3
2022-10-18 CVE-2022-21626 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security).
network
low complexity
oracle fedoraproject netapp azul
5.3
5.3
2022-10-18 CVE-2022-21628 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server).
network
low complexity
oracle fedoraproject netapp azul
5.3
5.3